CVE-2021-3805

Опубликовано: 17 сент. 2021

Источник: debian

Описание

object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Пакет	Статус	Версия исправления	Релиз	Тип
node-object-path	fixed	0.11.8-1		package
node-object-path	fixed	0.11.5-3+deb11u1	bullseye	package
node-object-path	end-of-life		stretch	package

https://huntr.dev/bounties/571e3baf-7c46-46e3-9003-ba7e4e623053
https://github.com/mariocasciaro/object-path/commit/4f0903fd7c832d12ccbe0d9c3d7e25d985e9e884 (v0.11.8)

CVE-2021-3805

CVSS3: 7.5

ubuntu

больше 4 лет назад

object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CVE-2021-3805

CVSS3: 7.5

redhat

больше 4 лет назад

object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CVE-2021-3805

CVSS3: 7.5

nvd

больше 4 лет назад

object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

GHSA-8v63-cqqc-6r2c

CVSS3: 7.5

github

больше 4 лет назад

Prototype Pollution in object-path